Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
File:                     Ay1SsyOaHOPN00MxNIzngN3xZMA.mft (raw, json)
Hash identifier:          PPeUOhqXKHs+cW+ieDtzHNpnx17wAuji8Ly8oj/4BGg=
Subject key identifier:   3B:D9:4A:2F:A0:C9:87:61:8B:1A:8B:E5:AA:AE:52:C0:33:E9:29:C9
Authority key identifier: 03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0
Certificate issuer:       /CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
Certificate serial:       0199FBEBECBF06DCF1B41F3AA91604298C07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
Manifest number:          0793
Signing time:             Sun 19 Oct 2025 10:02:46 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:46 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:46 +0000
Files and hashes:         1: Ay1SsyOaHOPN00MxNIzngN3xZMA.crl (hash: eOvoeUyC8loylTKL/6SKxOA1g1E/iznGDPIa1qC6FsI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:ec:bf:06:dc:f1:b4:1f:3a:a9:16:04:29:8c:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
        Validity
            Not Before: Oct 19 10:02:46 2025 GMT
            Not After : Oct 20 10:02:46 2025 GMT
        Subject: CN=3bd94a2fa0c987618b1a8be5aaae52c033e929c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:a2:2b:2d:43:ec:c2:db:b8:af:75:31:3a:29:
                    d9:0d:4f:1a:6a:23:b7:d0:da:f9:95:6d:7a:78:e7:
                    91:56:8f:91:77:7b:94:52:20:76:e9:1f:c3:72:4d:
                    98:38:84:43:8d:52:fe:c0:c6:48:c8:eb:54:70:e3:
                    9d:94:b7:b5:2e:9f:b5:6f:f6:ff:dc:66:69:88:e2:
                    3c:81:ed:23:df:d7:dd:f1:29:eb:51:a1:38:ba:f5:
                    32:45:6f:50:5b:9e:63:51:03:b4:fb:1e:9e:4e:fb:
                    dd:b1:c4:49:d7:23:a0:22:ec:b3:b8:63:0f:71:8a:
                    d6:1e:64:e8:e5:51:7d:b1:10:d7:65:70:4e:0d:19:
                    03:71:a5:56:db:b3:85:f1:f6:44:64:a3:d0:43:11:
                    89:55:e1:aa:92:80:30:df:1f:db:9e:8c:97:f5:6d:
                    15:4c:7b:28:a5:c5:f4:35:a1:e4:c3:eb:df:55:00:
                    f7:9b:26:dd:a7:0a:da:4b:a8:f5:cb:dc:14:06:fc:
                    3b:ce:87:b0:f7:f6:41:68:35:a4:45:40:d4:cf:d0:
                    28:2a:84:0c:eb:42:68:8c:04:1f:b4:5c:37:d7:fc:
                    40:05:25:61:76:04:98:79:8f:74:9b:ce:10:97:f4:
                    d3:ec:e4:45:4c:29:99:ee:48:d2:6f:45:dc:a4:9f:
                    07:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:D9:4A:2F:A0:C9:87:61:8B:1A:8B:E5:AA:AE:52:C0:33:E9:29:C9
            X509v3 Authority Key Identifier:
                keyid:03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:76:83:1f:bc:2c:7c:e3:a2:f0:ec:1b:16:1c:e0:e0:d7:47:
         13:73:dd:37:f0:17:7b:5a:09:bc:de:76:9e:96:01:42:64:33:
         b0:31:26:a0:50:cc:bd:14:21:46:aa:83:0e:1e:cd:e6:f9:78:
         89:52:ae:3e:2f:e4:d1:e2:3e:ae:ce:ae:3f:c1:60:23:bb:6b:
         8b:6b:0c:7d:19:bc:7a:7c:c5:fd:a5:21:ce:ed:38:8d:0e:43:
         23:6a:49:6f:61:75:a5:90:07:1a:94:57:1e:4d:d2:c0:d3:a7:
         17:eb:b9:58:1c:6e:53:6b:82:c3:79:1d:09:0b:f1:46:65:ec:
         94:6b:a0:46:a0:80:cf:e3:5e:9e:cd:6e:d2:70:2f:99:4d:76:
         2c:9d:95:d8:76:92:bd:c9:7f:89:0b:35:31:17:c3:08:a9:3c:
         87:8f:8b:9c:5e:fc:c4:93:30:3a:f1:73:79:15:2a:ef:9a:71:
         fd:e9:38:19:ec:03:94:e6:55:02:61:93:c8:42:92:11:aa:b1:
         2d:39:ec:7f:16:b8:01:f9:2b:5b:4d:85:b9:0e:fe:13:56:ed:
         af:24:ab:49:ca:b7:88:c0:4d:59:d8:d0:25:b3:aa:0e:d4:e0:
         82:3b:38:04:88:7f:31:43:b0:bf:82:a0:ee:10:eb:ca:14:9f:
         c1:c7:5b:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76+y/BtzxtB86qRYEKYwHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmQ1MmIzMjM5YTFjZTNjZGQzNDMzMTM0OGNlNzgwZGRm
MTY0YzAwHhcNMjUxMDE5MTAwMjQ2WhcNMjUxMDIwMTAwMjQ2WjAzMTEwLwYDVQQD
EygzYmQ5NGEyZmEwYzk4NzYxOGIxYThiZTVhYWFlNTJjMDMzZTkyOWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aIrLUPswtu4r3UxOinZDU8aaiO3
0Nr5lW16eOeRVo+Rd3uUUiB26R/Dck2YOIRDjVL+wMZIyOtUcOOdlLe1Lp+1b/b/
3GZpiOI8ge0j39fd8SnrUaE4uvUyRW9QW55jUQO0+x6eTvvdscRJ1yOgIuyzuGMP
cYrWHmTo5VF9sRDXZXBODRkDcaVW27OF8fZEZKPQQxGJVeGqkoAw3x/bnoyX9W0V
THsopcX0NaHkw+vfVQD3mybdpwraS6j1y9wUBvw7zoew9/ZBaDWkRUDUz9AoKoQM
60JojAQftFw31/xABSVhdgSYeY90m84Ql/TT7ORFTCmZ7kjSb0XcpJ8H5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDvZSi+gyYdhixqL5aquUsAz6SnJMB8GA1UdIwQY
MBaAFAMtUrMjmhzjzdNDMTSM54Dd8WTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQt
ZTdhZDczYmJjYzg5LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQtZTdhZDczYmJjYzg5
LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABXaDH7ws
fOOi8OwbFhzg4NdHE3PdN/AXe1oJvN52npYBQmQzsDEmoFDMvRQhRqqDDh7N5vl4
iVKuPi/k0eI+rs6uP8FgI7tri2sMfRm8enzF/aUhzu04jQ5DI2pJb2F1pZAHGpRX
Hk3SwNOnF+u5WBxuU2uCw3kdCQvxRmXslGugRqCAz+Nens1u0nAvmU12LJ2V2HaS
vcl/iQs1MRfDCKk8h4+LnF78xJMwOvFzeRUq75px/ek4GewDlOZVAmGTyEKSEaqx
LTnsfxa4AfkrW02FuQ7+E1btrySrScq3iMBNWdjQJbOqDtTggjs4BIh/MUOwv4Kg
7hDryhSfwcdbIw==
-----END CERTIFICATE-----